Information Security: Senior Management Bundle

Information Security: Senior Management Bundle

Human Logic
Updated Nov 27, 2019

Course Overview

For senior management executives, information security is a basic requirement for business success. Yet, despite being well-motivated, top managers often have only a superficial understanding of information security, which may lead them to make decisions that are not conducive to raising the organization's security level. Enhancing information security awareness among all employees has been found necessary, but the key to success is raising the awareness level of senior management. Playing a decisive role, they must assume overall responsibility for information security. The question is how to achieve this in an efficient and natural way.

In this course you will learn about Awareness and Training, Entity Context and Leadership, Information Security Risk Management, IS Continuity Management, Financial Phishing, Reset Password Over Phone, Storing Company Data on Personal External Drives in details explanation. 

Target Audience

Information Security

Learning Objectives

  • Understand the importance of formal, documented Trainings and Awareness programs
  • Review/Approve policy and associated controls for conducting required regular trainings within the company
  • Encourage/support adaption of security culture, and mandate periodic security awareness & workshops
  • Understand the function of Information Security Committee
  • Understand the role and contribution of the senior management in the establishment, implementation, maintenance and continual improvement of information security in the entity
  • Understand role of senior management in establishing and reviewing the Risk Management activities
  • Understand the assessment of risk posture to decide on technology/service (consultancy) initiatives
  • To counteract interruptions to business activities and to protect critical business processes from the effects of major failures of information systems or disasters and to ensure their timely resumption
  • Enable establishment of the business continuity policy and associated controls
  • Review and guide the testing of Business Continuity Plans
  • Understand the necessary support, resources needed to sustain identified services/operations
  • Reducing the Financial Damages
  • Avoiding the Damage
  • Protect the information against external or internal threats
  • Classify the information according to its criticality to protect it against unauthorized modifications or disclosure
  • Restrict users to use unathorised devices in organization computers/laptops.